68ffe5e10f64256e4303a67d8174fae4e34b276626abca5a49268fb4a2ca1afa | Triage

Analysis

max time kernel
152s
max time network
119s
platform
windows7_x64
resource
win7-en-20211208
submitted
21-01-2022 23:44

Sharing

Report Analysis Logs

General

Target

68ffe5e10f64256e4303a67d8174fae4e34b276626abca5a49268fb4a2ca1afa.pdf
Size

67KB
MD5

272e86dabab41e0db02d398920a81b71
SHA1

7d33da01fa240aadbd3e073c2a060b99f12d0e5f
SHA256

68ffe5e10f64256e4303a67d8174fae4e34b276626abca5a49268fb4a2ca1afa
SHA512

c45e65d502cbb95a15b36ac22ac9c620a7f4f35d112f374992e21f6450777809b371bb2194c00de4727e3d621739b31f8f0c4d8f1e3ebc2d788e5af3a31ceb40

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

AcroRd32.exe

pid process

1776 AcroRd32.exe
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

AcroRd32.exe

pid process

1776 AcroRd32.exe
1776 AcroRd32.exe
1776 AcroRd32.exe
1776 AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\68ffe5e10f64256e4303a67d8174fae4e34b276626abca5a49268fb4a2ca1afa.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1776

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1776-54-0x0000000076C61000-0x0000000076C63000-memory.dmp

Filesize
8KB

Download